Post navigation

Why is TekSavvy getting trashed for not challenging Voltage?

One of the most striking things about this case concerns the complaints I’ve seen online about TekSavvy’s role. Probably the busiest place for this conversation is the forum on dslreports.com, which attracts a lot of hardcore geeks. On Saturday [Dec 15], Marc Gaudrault posted a lengthy comment headed “Why we are not opposing motion on Monday” [see Dec 17 post].

Traffic!

On Tuesday, December 18, the day after I posted some comments entitled Watching Voltage and TekSavvy duke it out in Federal Court, my analytics showed almost 1,500 uniques. That number almost doubled by the end of the week, while the bounce rate stayed well under 1%.

Nice. But why were so many people giving up all that eggnog for a minor wonk-fest? My thought was white hats, black hats, good meets evil and offers some high courtroom drama. Voltage is a well-documented copyright troll that produces movies like Balls to the Wall. TekSavvy is a popular indie ISP whose corporate culture hinges on excellent customer service and engaging directly with the public on issues of the day. (People have asked me if I get paid to shill for TS and why my comments seem so biased. Disclaimer: I’m a customer but a strictly unpaid shill; and I’m a blogger not a journalist. If you want balance, try the CBC.)

It’s easy to like Marc Gaudrault and about as easy to hope you never meet the head of Voltage Pictures, Nicholas Chartier, in a dark alley. Chartier is a Hollywood guy who managed to get himself barred from the Academy Awards in 2010 for violating campaign standards. Not long after that incident, he got a politely worded email from a Toronto movie fan who suggested that suing thousands of people might be bad for Voltage’s business. Here’s part of Chartier’s response, which makes Charlie Sheen look like a Jesuit missionary:

“I’m glad you’re a moron who believes stealing is right. I hope your family and your kids end up in jail one day for stealing so maybe they can be taught the difference. Until then, keep being stupid, you’re doing that very well. And please do not download, rent, or pay for my movies, I actually like smart and more important HONEST people to watch my films [emphasis in the original].

No good deed goes unpunished

Last time, I noted some disgruntled TS customers were posting on DSLreports in a surprisingly negative tone about Marc’s approach to the case. I put that down to widespread uncertainty, fear of the unknown. After all, Canadians have a lot less experience than Americans with en masse copyright busts. Once through the initial hearing on December 17, I figured the word would spread about the the hard work the TS execs were putting in to help their customers. Imagine my surprise when pundits started coming out of the woodwork to trash TekSavvy for fiddling while their customers get burned.

One comment I received in an email voiced a general feeling of unease with TekSavvy’s handling of the Voltage motion:

I do think [the TekSavvy execs] are talking out of both sides of their mouths by telling the public they take privacy very seriously, but then appearing on the motion to adjourn it a month to give their subscribers time to respond. No third party is going to appear and respond, and Teksavvy is not challenging the substantive evidence that I can see.

The debate took a new turn with a posting on Tuesday from Canadian IP lawyer Howard Knopf: Mass Copyright Litigation in Canada: Some Observations on the Roles and Responsibilities of ISPs and their Customers. Knopf has some useful experience under his belt, having acted as counsel for CIPPIC in the 2004 BMG v. Doe case. While that gig puts him on the side of the angels, Knopf’s post makes it difficult to comment on the merits of his perspective because he invokes the standard lawyer’s disclaimer: We all know who I’m talking about, but I’m not going to say their name and therefore you can’t assume that’s who I mean. What he actually says is: “Nothing in what follows is necessarily a comment about any particular case or situation, unless it is explicitly so indicated.”

Taking coy a step further, Knopf fails to mention TekSavvy in the text of his 2,700-word post – yet adds TekSavvy to the tags list at the bottom of the page (Voltage appears three times in the text, as well as in the tags). Knopf can’t have it both ways. Either his critique of lax ISPs that don’t care about customer privacy does refer to TekSavvy or it doesn’t. By not naming his target, he gets to critique what isn’t “necessarily” TekSavvy’s behavior without the bother of attending to the messy contextual details surrounding what has actually transpired. As a result, we get the following paen to two incumbents, then a scolding for unnamed parties:

Shaw and Telus bravely paved the path [in BMG] for timely and straightforward challenges by ISPs when disclosure material was inadequate. […] The path is now paved and the process is now clear and potentially even be easy in some cases. In appropriate cases, it would be a simple, inexpensive and risk-free effort for an ISP to actively step up to the plate to safeguard its customers’ privacy. Indeed, it is conceivable that in some cases there may be a real risk in not challenging the adequacy of the disclosure order material, both in terms of a business and even, conceivably, a legal sense [emphasis in original].

Another blogger and privacy advocate, Jason Koblovsky, has come down even harder on TS in a series of posts on the subject. Many will remember Jason, and his Canadian Gamers Organization partner Teresa Murphy, as the brave souls who took on Rogers and the CRTC through most of 2011 for Rogers’ throttling of World of Warcraft. As far as TekSavvy is concerned, Jason is adamant that the ISP is not doing nearly enough and is effectively betraying its customers’ trust in the process. On Tuesday, Jason posted comments on the fit between his views and those of Knopf, under the title Validation of Legal Privacy Concerns with Teksavvy vs. Voltage.

Safe harbour?

Before our copyright law was updated, ISP’s could in theory be held jointly and severally liable along with every other party in the communication by telecommunication of an offending file (over the Internet for present purposes). That so-called “safe harbour” – what I used to hear termed the common carrier exemption – has been codified in the new legislation in s.31.1:

A person who, in providing services related to the operation of the Internet or another digital network, provides any means for the telecommunication or the reproduction of a work or other subject-matter through the Internet or that other network does not, solely by reason of providing those means, infringe copyright in that work or other subject-matter.

I said last month that one reason TS was not challenging the Voltage motion more vigorously concerned an implied risk to its neutral status. I was taken to task on this point in an email I received from lawyer Jonathan Mesiano-Crookston, who said the following:

“I disagree with you that if Teksavvy fought the merits of the evidence they would lose their neutral ISP status as far as copyright infringement goes. As the party responsive to the motion for discovery, Teksavvy is entitled to test the evidence which has been submitted to the Court and to which it must respond. Teksavvy would not lose its substantive protection from copyright infringement simply for testing the case against them (relating to equitable discovery).”

He was in agreement here with Knopf, who makes his point this way: “There is no reason to believe that the taking of active, reasonable and responsible steps by an ISP to safeguard and preserve its customers’ privacy would in any way jeopardise the ISPs cherished ‘neutrality’ status.“

According to some, the safe harbour may be safer than I assumed. But according to another lawyer I heard from who wishes to remain anonymous, one risk in making this assumption is there’s been very little case law to guide the interpretation of Parliament’s intentions on the safe harbour. It still seems pausible to me that Mr Justice O’Keefe could announce at some point he doesn’t wish to hear TekSavvy arguing about the downside of copyright trolling, en masse lawsuits or fake litigation. As I’ll explain, however, there’s another, even more important caveat here: a question of fact that overrides any assumptions behind this question of law, i.e. whether TS has actually tested the evidence and/or taken steps to safeguard its customers’ privacy.

Do your homework

Meanwhile, the role TS has allegedly chosen to play was still news as of Thursday in the Financial Post. Legal reporter Christine Dobby writes that TekSavvy “has no plans to challenge the film studio’s motion material as others have in the past.” Does she mean no plans ever to challenge? If so, how would she know? Yes, Marc posted a long item on DSLreports about why TekSavvy was not planning to oppose the Voltage motion. But he wrote that almost a month ago and life has moved on since.

For anyone who wasn’t in the room on December 17, or wasn’t paying attention, counsel for TekSavvy announced to the court that they had in fact been obliged to change their strategy as early as that very morning in light of new developments (to wit, customer feedback on errors in the IP mapping). That development led to a request for adjournment – which where I come from does amount to “challenging” the Voltage motion. Or did plaintiff’s counsel then have a major hissy fit to exercise his vocal cords and waste the court’s time?

Dobby of the FP goes on to say that “the judge granted the delay to give TekSavvy more time to notify the affected customers that they could be implicated and should seek legal advice.” Nope, not true. McHaffie outlined not one but three reasons as grounds for an adjournment: the need for more notice time; creating an opportunity for the inclusion of CIPPIC as an intervenor; and the problem of cleaning up the many false positives and other errors in the primary evidence, Voltage’s numeric IP file. And in the event, Mr Justice O’Keefe granted the delay not on the grounds of need for notice but on the grounds of errors in the evidence. FP should try this new thing they call fact-checking.

(I note in passing that the FP article also fails to tell the reader TekSavvy is under no legal obligation to notify its customers, since the notice-and-notice provisions of the legislation are not yet in force. And yet in his FP interview, McHaffie is positioned as having to deny that TekSavvy would release its customer information without a court order, an unjournalistic piece of innuendo – especially given that Marc’s December 15 post says explicitly TS will only give up customer information if it is “forced” to do so. By contrast, Knopf is quoted as saying that “TekSavvy taking a stand against [the motion] would be an easy win for the company with its customers.” If McAffie wasn’t “taking a stand” the morning of December 17, then what the hell was he doing exactly?)

1 – Sufficient notice. It would be hard for anyone to argue that Voltage provided sufficient time for TekSavvy to collect the customer information Voltage was demanding. Matching numeric IP addresses is a tricky, long-winded process, especially when you consider that the original file sent by Voltage in November contained over 4,000 numeric IPs. Shortly afterwards, Voltage made life even more complicated by suddenly informing TS that it was withdrawing roughly half the file (apparently because it removed a number of the allegedly infringed works). The final version of Voltage’s updated IP file didn’t reach TS until December 3. TS tried to clean and check all the data in one week, to be in a position to send out notices to its affected customers a week later, December 10. That left less than five business days for any potential defendant to take action.

2 – CIPPIC’s amicus role. Jason Koblovsky has said on his blog page that we are, in effect, lucky to have CIPPIC to defend our rights – but their doing so in the Voltage case represents a failure on TekSavvy’s part rather than a victory for the public interest. As Jason wrote on December 17:

One expects arguments around users privacy to come from the CIPPIC, and I think many are disappointed to see another private business yet again cave to Hollywood and abandon the very core principles in which the company has been based on.

The idea that TS had already “caved” to Hollywood within the first hour of this entire proceeding, which with appeals might drag on for months, strikes me as another rush to judgment. Comments with a similar ring from Knopf are even more difficult to fathom:

A non-profit organization such as CIPPIC cannot be expected to intervene in every instance of inadequately framed mass litigation disclosure motions simply because others who could or should do so are unwilling or don’t care.

This assertion that TS failed in its duties by relying on CIPPIC comes from the pen of the very lawyer who acted as lead counsel for CIPPIC in BMG. As I’ve already suggested, claiming TS has betrayed its customers by allegedly not opposing the Voltage motion is, to put it delicately, bullshit. Furthermore, for anyone who isn’t clear what’s going on here, CIPPIC has filed a brief in the guise of what in Latin is termed an amicus curiae, which means “friend of the court” or what is commonly referred to in lay language as an intervenor. The theory is that, in our adversarial system, the court may benefit from having a third party participate in the proceedings in order to supply expert or highly specialized information. Their role is a little like that of expert witnesses, except that amicus briefs are commonly filed by public interest advocacy groups – like CIPPIC.

Check out the screen grab above from CIPPIC’s privacy page. What does it tell you? They specialize in privacy law (among other things). And you won’t be surprised to learn that in 2007 “technology innovator and entrepreneur Dr. Robert Glushko and his wife, law and technology pioneer Professor Pamela Samuelson, made a large donation to CIPPIC, allowing the clinic to continue its student-centered research and advocacy on technology-related policy and law reform.” CIPPIC is, in other words, well funded and well placed to defend the public interest, which is what it intends to do in the Voltage case if the judge thinks their participation will promote justice.

In a prudent and entirely rational decision,TekSavvy has now informed the court that it officially endorses CIPPIC’s request to participate. Why wouldn’t it? And why wouldn’t CIPPIC want to speak on the court record as part of the largest mass lawsuit in Canadian copyright history?

3 – Making the evidence legally adequate. Given Voltage’s history of using the US courts as part of its trolling model, no one should expect the quality of its evidence to be, as Knopf says quoting the court in BMG, “reliable, admissible, timely and non-hearsay.” The evidence so far is a list of 1,000 or more numeric IPs, accompanied by some form of tracking data as obtained by Canipre, the forensic cowboys who claim “Our code gets the who, what, where and when.”

In addition to their cavalier sense of timing and many false positives, Voltage may turn up in court with evidence that is flawed for other reasons. For example, Torrent Freak reported in June 2011 that, in among the suits launched against 175,000 Americans for online infringement in a little over a year, signs have emerged of entrapment using honeypots, i.e. files that are deliberately mislabelled by trolls to induce unsuspecting end-users into downloading them. In one case TF outlines, a woman who thought she was getting a greatest hits album from the Japanese composer Ryuichi Sakamoto was busted instead for downloading… a film with a bunch of gay dudes fucking etc, while apparently not listening to Sakamoto’s experimental J-pop.

Right now the other big question concerning Voltage is: who pays? Not who pays Voltage to compensate them for people ripping off Balls to the Wall. Instead, who pays for all the time, effort and money that’s consumed every time a troll like Voltage dumps thousands of numeric IPs on an independent ISP like TekSavvy. While I understand there are provisions in the law allowing an ISP to recover costs in a suit of this nature, there’s nothing in the Copyright Modernization Act I’m aware of that extends the ISP “safe harbour” provision to protection from frivolous, bad faith lawsuits.

Marc and his senior staff have been consumed now for two entire months by this case, with no end in sight. Costly efforts have gone into at least three sets of activities: trying to match customer records to IPs; setting up a notice system for customers on the charge list; and communicating through the company blog and other venues to the customer base as a whole about unfolding events. Oh, and did I mention they retained Stikeman Elliott, one of the Seven Sisters law firms, which I assume isn’t working for free. What if TekSavvy is denied costs? What if some other asshole from Beverly Hills turns up in a few months and drops another pile of numeric turds on TekSavvy?

Critics of TekSavvy’s strategy owe the rest of us an explanation as to how two months of work on cleaning data, notifying customers and urging the court to give standing to CIPPIC amounts to caving in to Voltage and betraying customers.

At the very least, let’s see the rest of you in court Monday morning listening to what the parties actually say. And for those lying awake at night worried about online privacy in this country, like I do, what say we help TekSavvy run the Voltage fuckers out of town, instead of making one of Canada’s best hopes for a decent Internet experience the bad guys.

I have to wholeheartedly disagree with any statement that says an ISP does not have to challenge any request for private information when it comes to their customers. Under PIPEDA, an ISP, regardless of a court order must ensure that the request for information meets a certain set of standards. If it does not meet the standards (which this from Voltage does not) then they have a responsibility and an obligation to deny the request/challenge the court order.

I believe that is why Tek, I believe, is seemingly changing it’s position on the matter. Could you imagine if everyone of the 2000 customers turned around and filed complaints on Teksavvy for violating PIPEDA? Or even worse if they turned around and sued Teksavvy for not protecting their privacy as is their responsibility laid out by the privacy act? It has already been shown that there are errors in Voltage’s data, that is enough right there to staunchly refuse to provide any information about any of it’s clientelle. Voltage themselves cannot even get an IP address right.

Another stipulation of the Privacy act is that the party requesting the information has to have an intent to actually sue the individuals that they are claiming committed the infringing acts. The sheer number of plantiffs (2000) shows, right off the bat, that they have no intention to sue. That number of cases ans subsequent investigations would bankrupt a small company such as Voltage.

There is more, but I’ve already taken enough webspace on your blog.

This is all before we delve into what an IP address would prove. That is another question for another time, however. If this gets to that point, we can discuss it then but it certainly is not a “smoking gun” by any stretch of the imagination.

Bottom line is there are several reasons why Teksavvy should have denied the request and challenged it in court and why the court order should not have been granted in the first place. Any one of which would be enough to get the request denied without the need for all of this discussion.

All TSI has to do is provide internet access and obey the law, from what I can see that’s all they’ve done so far.

But we’ll see what happens tomorrow, if CIPPIC is allowed to participate I think Voltage will regret ever trying to take their grubby extortion scheme north. We don’t have the same spirit of entrepreneurialism that our southern cousins have infected their legal system with.

Jean-François Mezei -> That’s extremely an interesting take on this, and I hope that ends up being the case here.

The one thing I don’t agree with is how questioning the validity of evidence would any way shape or form make an ISP seem that they are supporting piracy. Anyone that would make such a claim on that could end up being liable.

We seem to have two previous ISPs that have buckled under the pressure of being seen as supporters of piracy, not even questioning the validity of evidence. There’s already ample case law around this. Precedents have been set and are not being used. Weeks after this we’ve had Teksavvy come out and publicly announce they wouldn’t oppose the motion Voltage put on the table. Consumers are pretty much fed up with the optics around this issue that ISPs are too afraid of standing up to these guys in fear of being labeled as a service that supports piracy, when they have a legal obligation to those consumers that should not in anyway be in conflict with that.

In my view, it is still the ISPs direct obligation to fully question the validity of these matters, knowing their protected under law to do so.

However, I also see what the problem is. Safe harbor provisions have yet to be tested within law. Generally speaking I get that ISPs are a bit nervous around it, but with respect to the validity of evidence should that not be the priority from the get go? I think the argument around ISPs being scared off of their legal responsibilities in this because their afraid of being called names, is a bit childish. That has to stop. That’s already put a lot of insecurity into the system as a result, and regardless TSI is just as guilty and the reaction I think many are seeing from consumers around all of this is a result of that insecurity.

What happens in future cases going forward, or that are already in the pipeline? If case law isn’t actively being used directly by ISPs to fulfill the legal obligations ISPs have because they are afraid of being called names, what assurances do consumers have in future cases? Will ISPs keep neglecting their legal obligations in fear of being wrongfully labeled? There are still many questions that have arisen on how this and other cases have already unfolded in recent weeks and where the future lies. I guess the answer to those questions will come in due time. This is still very much a developing story.

There is a failure to make the distinction between the actual copyright infringement accusations and the process of justifying the release of identities.

I could write a program to randomly select some IP addresses that reside within Teksavvy’s network tag some movie name and timestamp them and then go to court requiring customer identity be released.

The process must weed out random accusations made by unqualified persons/groups who financially benefit from such a process.

This is not a fight about defending suspected copyright infringers, it is about ensuring that the data provided by Canipre was collected in a credible and valid fashion and represents information that is substantial enough to warrant release of personal identities of the ISP’s customers.

Canipre makes many claims such as having been able to select only IPs used in Ontario. As Teksavvy and other DSL customers do not make distinction between Ontario and Québec when assigning IP addresses, Teksavvy is best positioned to challenge this claim.

And short of hacking into Teksavvy’s or Rogers’ routers, Canipre would no know which IP blocks are used by Teksavvy for cable customers on Roger’s (Ontario) network. (For cable, a traceroute for each IP might yield a clue because of a cable specific router being used, but Canipre should be made to explain how it can made such a claim)

Who is best positioned to challenge Canipre’s bogus claims that it was able to select only Ontario based IP addresses ? Teksavvy.

The fight at this level has nothing to do with copyright infringement. It is about validity of evidence. So Teksavvy does not risk being seen as defending copyright infringers if it fights how Canipre/Voltage collected those IP addresses.

Having said this, CIPPIC has a bit more latitude in its arguments where it can also make generalised arguments about how an IP address seen in a torrent’s tracker is the moral equivalent of being seen in a bar and is not sufficient to justify accusation that one paid a hooker who was also in that bar at the same time.